Muncie-based Cancer Services of East Central Indiana-Little Red Door was hacked by an "international cyberterrorism organization."
Little Red Door claimed that its server and backup drive were hacked and its data was stripped, encrypted and taken for ransom Jan. 11. The agency said a ransom of 50 bitcoin — roughly $43,000 — was demanded by the hackers.
Little Red Door said the "self-identified dark web organization" communicated via cell phones, a "form letter" and multiple emails. The organization allegedly threatened to contact the family members of Little Red Door's cancer clients, donors and community partners.
Aimee Fant, executive director of Little Red Door, claimed the agency "will not pay a ransom when all funds raised must instead go to serving families, all stage cancer clients, late stage care/hospice support preventative screenings." She added that Little Red Door, which is working with the FBI, plans on replacing and rebuilding its data and replacing its terminal server with a cloud-based system.
DataBreaches.net later unveiled the hack was by TheDarkOverlord, who tells a slightly different story. TheDarkOverlord said there was no ransomware involved in the attack on Little Red Door. Instead, TheDarkOverlord claimed it "hacked LRD, exfiltrated their data and then demanded payment not to release the data publicly." TheDarkOverlord said it did not encrypt any data and it only wiped the server (not the backup).